<?php

/**
 * @author FROSTY (valik619)
 * @site nadmad.ru
 * @mail valik619@inbox.ru
 */
$title = $lang['authorize'];
    include('system/core.php');

$form = 1;
$nick = isset($_POST['nick']) ? functions::check($_POST['nick']) : NULL;
$pass = isset($_REQUEST['pass']) ? functions::check($_REQUEST['pass']) : NULL;
$member = 1;
if ($pass && !$nick && !$id){
    include('system/head.php');
    echo '<div class="title"><b>'.$title.'</b></div>';
    echo '<div class="menu">'.$lang['need_write_nick'].'</div>';
    include('system/foot.php');
    exit;
    }
if (($nick || $id) && !$pass){
    include('system/head.php');
    echo '<div class="title"><b>'.$title.'</b></div>';
    echo '<div class="menu">'.$lang['need_write_pass'].'</div>';
    include('system/foot.php');
    exit;
    }
if ($nick && (mb_strlen($nick) < 2 || mb_strlen($nick) > 20)){
    include('system/head.php');
    echo '<div class="title"><b>'.$title.'</b></div>';
    echo '<div class="menu">'.$lang['error_leng'].'</div>';
    include('system/foot.php');
    exit;   
}
if ($pass && (mb_strlen($pass) < 6 || mb_strlen($user_pass) > 32)){
    include('system/head.php');
    echo '<div class="title"><b>'.$title.'</b></div>';
    echo '<div class="menu">'.$lang['error_pass'].'</div>';
    include('system/foot.php');
    exit;   
}
if ($pass && $nick) {
    
    //////////////////Запит в базу....
    $req = mysql_query("SELECT * FROM `users` WHERE `nick`='".mb_strtolower($nick)."' LIMIT 1");
    if (mysql_num_rows($req)) {
        
        $user = mysql_fetch_assoc($req);

 
            if (md5(md5($pass)) == $user['pass']) {
          
                $form = 0;
                    // Якщо все вірно то готуємось входити...
                        $coid = $user['id'];
                        $copass = $user['pass'];
                    //Встановлюємо куки
                        $cookieid = SetCookie("id", $coid, time() + 3600 * 24 * 365);
                        $cookiepass = SetCookie("pass", $copass, time() + 3600 * 24 * 365);
                        
                        if($cookieid == FALSE){
                              include('system/head.php');
    echo '<div class="title"><b>'.$title.'</b></div>';
                echo '<div class="menu">COOKIE ON PLEASE</div>';
                    include('system/foot.php');
                        exit;   
                        }
                    
                    header('Location: http://'.$set['home'].'');
                
            } else {
    include('system/head.php');
    echo '<div class="title"><b>'.$title.'</b></div>';
                echo '<div class="menu">'.$lang['pass_not'].'</div>';
                    include('system/foot.php');
                        exit;  
        }
        } else {
         include('system/head.php');
         echo '<div class="title"><b>'.$title.'</b></div>';
         echo '<div class="menu">'.$lang['log_or_pass'].'</div>';
         include('system/foot.php');
         exit;   
    }
}

if ($form) {
    
    include('system/head.php');
    echo '<div class="title"><b>'.$title.'</b></div>';
        $vsego = mysql_query("SELECT * FROM `users`");
        $s = mysql_num_rows($vsego);
    echo '<div id="imenu" class="info"><form action="login.php" method="post"><p>Нік: (max. 20)<br/>' .
         '<input type="text" name="nick" value="' . htmlentities($nick, ENT_QUOTES, 'UTF-8') . '" maxlength="20"/>' .
         '<br/>Пароль: (max 32)<br/>' .
         '<input type="password" name="pass" maxlength="32"/></p>' .
         '<p><input type="submit" value="Авторизуватись"/></p>' .
         '</form></div><div class="small"><a href="reg.php" class="url">'.$lang['we_are'].' '.$s.'!</a></div></div>' .
         '';
         include('system/foot.php');
}


/**
 * @author FROSTY (valik619)
 * @site nadmad.ru
 * @mail valik619@inbox.ru
 */

?>